情境:準備將 App 從開發階段改為上架,其中整合 Facebook SDK。
建議一定要先看完 Signing in Release Mode 這一段說明,對於如何簽出一個可以上架的 App 會非常有幫助。簡單來說,您本來就必須要用 keystore 簽署一支 app ,只是多了 Facebook App 的話,需要在 Facebook 上多做設定。請特別注意 debug key hash 跟 release key hash 是不能共用的。

0. Avoid Trouble: Start from Scratch

這裡先講述清楚 Facebook 官方的教學文件 - Getting Started with the Facebook SDK for Android ,以免有人跟我一開始一樣只會傻傻地用 code 卻沒有用心看仔細,到最後才跑出一堆包QQ。裡面有一段話是這麼說的:

Put simply, every Android app you'll create will be signed, and you will need to register each app's key hash with Facebook as a security check for authenticity - as we'll see later. But to bypass this check for the SDK samples and to get them up and running quickly, you can add your key hash to your global Facebook Developer profile.

也就是說,一個 Facebook SDK 要能夠跟 Android App 正常的互動,必須依賴這個 key hash 來達成安全性。必須做的事情是

  • 用 keytool 指定 debug.keystore 產生一組 keyhash
  • 將 keyhash 放到 Facebook App Settings
  • (為了快速開發) 將 keyhash 放到您(開發者)自己的 Facebook Developer Settings

以開發者的角度來說,這樣設定就已經可以開發了,但是如果今天我們要發佈一支 Android App 時,就不能以 debug.keystore 來簽出 keyhash,而是必須使用 release.keystore。
Android Facebook SDK 3.0 gives “remote_app_id does not match stored id” while logging in 中有詳細的說明:

  • default android debug key:
    keytool -exportcert -alias androiddebugkey -keystore ~/.android/debug.keystore | openssl sha1 -binary | openssl base64
    
  • your application release key:
    keytool -exportcert -alias yourappreleasekeyalias -keystore ~/.your/path/release.keystore | openssl sha1 -binary | openssl base64
    

所以,一個要上架/已上架的 App 應該會有 2 個 key hash,請記得都要加入到 Facebook App 設定裡。

By default, the app's package is signed with a machine specific debug key. When publishing the app it is typically signed with a different, release key. Therefore, you want to make sure you have the hashes of all the related keys set on Facebook

另外,針對 Developer settings 中的 Android Key Hash 欄位, tutorial 說

Note that you can add multiple key hashes here if you are developing with multiple machines

這句話表面上是說,「如果你(很有錢)有多個機子,你可以加入多個 key hash 」,但其實同時也代表了「 不同的機子要使用不同的 key hash」。所以如果是多個工程師在共同開發時,記得要各自在自己的電腦上產生 key hash,加到 Facebook App settings 跟自己的 Developer settings。


接著就來講我當初沒有依照上面的方式,結果跑出來的錯誤

1. Trouble-shooting: Trouble

ERROR MESSAGES:


2. Trouble-shooting: Shooting

  1. 用 Keytool 產生一組 Key Hash,並將這組 Key Hash 放到 Facebook App 跟您的 Facebook Developer Settings,方法如 How to generate Key Hash for facebook SDK In Mac。如果是 Windows 的話,可以參考 [Android] Facebook SDK - Intellij Environment Setup

最後,若您無法使用 keytool 正常簽出可用的 key hash,請參照以下的 code (一樣在 Getting Started with the Facebook SDK for Android 裡有提供)

@Override
public void onCreate(Bundle savedInstanceState) {
    super.onCreate(savedInstanceState);

    // Add code to print out the key hash
    try {
        PackageInfo info = getPackageManager().getPackageInfo(
                "com.facebook.samples.hellofacebook", 
                PackageManager.GET_SIGNATURES);
        for (Signature signature : info.signatures) {
            MessageDigest md = MessageDigest.getInstance("SHA");
            md.update(signature.toByteArray());
            Log.d("KeyHash:", Base64.encodeToString(md.digest(), Base64.DEFAULT));
            }
    } catch (NameNotFoundException e) {

    } catch (NoSuchAlgorithmException e) {

    }
    ...

Comments

comments powered by Disqus
Copyright © 2013 Andro Chen
Powered by Logdown and Greyshade
Favicon from The Noun Project